2. E-mail Security A Growing Concern
Spam problems continue
• Spammers constantly evolving new techniques
• Systems often outdated and rely only on IP filtering
• Only 11% of organizations reported 99% effectiveness*
Malware attacks on the rise
• Malware incidents are increasing in organizations of all sizes*
• Attacks are often blended (e.g. spammed viruses)
• Increasing use of attachments to transmit viruses*
Increasing need for data encryption
• New regulations demand increased data privacy
• Data leakage carries legal, financial risks
• Encryption can be difficult to implement and manage
*IDC, 2009
3. Better Together Protection
Integrated defense in depth
Encryption Anti-Spam Anti-Virus
Basic Multiple
Automatic Encryption Engine Anti-
S/MIME Support Malware
Premium Detection
Information Rights
Management Support Unified Management
Hosted, Hybrid Protection
Perimeter Protection
4. Encryption
Default encryption internally and externally
• Client to Server - Secure Sockets Layer (SSL)
• Server to Server - Transport Layer Security (TLS)
• Perimeter to Perimeter - Opportunistic TLS
Perimeter Internet
Network Perimeter
Network
Clients
Internal Network
5. Encryption
Protect sensitive data
S/MIME Support
Enables users to send signed and encrypted e-mail to one
another from a variety of devices.
• Send from Outlook, Outlook Web App, and Windows Mobile 6.0+
Information Rights Management Support
Provides persistent protection to control who can access,
forward, print or copy sensitive data.
• AD RMS Pre-licensing improves mobile/offline experience
• Automatic IRM-protection through transport rules
• Transport decryption to enable AV/AS scanning
• Native IRM support in OWA
6. Encryption
Enable processing of rights protected e-mail
Infected messages and
spam can be filtered
Protected messages sent
to transport server
Messages are re-encrypted
and delivered
Messages and attachments
decrypted to enable content Journaled messages
filtering, transport rules include decrypted clear-
text copy
7. Perimeter Protection
Overview
Enterprise Network
Edge Hub Transport
Transport Routing & policy
External Routing & AV/AS
mail
Mailbox
Storage of Unified
mailbox items Messaging
Voice mail &
Mobile voice access
phone
Web browser
Client Access
Client connectivity
Outlook Web services
(remote user)
Outlook (local user)
8. Perimeter Protection
EdgeSync enhances anti-spam filtering
MALWARE SAFE /BLOCKED SENDER
SPAM LISTS
Internet Edge Server Internal Network
Safe and blocked sender lists synched to Edge in seconds
Fewer false positives enables more aggressive filtering
9. Basic Anti-Spam
Three layers of protection
Connection Filtering
1 Incoming
Internet
Filters connections based on internal E-mail
and third party IP block/allow lists.
1 Connection Filtering
Sender-Recipient Filtering
2 2
Sender-Recipient
Filtering
Filters individual addresses based on internal
Content
lists and sender reputation. 3 Filtering
Administrator
Quarantine
Content Filtering Mailbox / Store
3 Attachment
Filtering
Scans words and phrases based on User Inbox
internal lists and automated analysis. User Junk
E-mail Folder
10. Premium Anti-Spam
More protection, less configuration
1 Connection Filtering • Pre-configured DNS Block List
• Aggregates data from multiple vendors
Administrator configures IP block/
allow lists and DNS block lists
2 Sender-Recipient Filtering • Sender-recipient lists managed from
Administrator configures sender- one point on console
recipient lists separately
Content Filtering
3 • Pre-configured content filter
• Continuous minute-by-minute updates
• Configurable content filter
• Inspects file type, not just extension
• Bi-weekly automatic updates
• Attachments stripped per extension
11. Forefront Anti-Malware
One solution, multiple anti-malware engines
• Deploy single solution using multiple integrated technologies
• Includes all engines in base cost
• Run up to five engines simultaneously on any scan job
• Most up-to-date engine automatically selected for optimal performance
A
B
C
D
Internet Exchange 2010
E
13. Hosted and Hybrid Protection
Forefront Online Protection for Exchange
Hosted Service On-Premise Software
Internet SMTP
Edge Transport Hub Transport Mailbox
Antivirus and anti-spam protection for
Exchange Server 2010 Server Roles
A choice of security options
Hosted: - Stop spam and viruses before they reach your network
- Reduce security management costs and maintenance
Hybrid: - Protection for both external and internal threats
14. Unified Management
One console for Exchange and Forefront settings
Central configuration for managing Exchange Dashboard for enterprise-wide
2010 and Forefront on premise and hosted visibility and reporting
security settings
Forefront Reports
Exchange SPAM Detail Statistics
Report Scope: All Computers
Report Time Span: Start: 8/29/2007 09 :00 PST End: 8/30/2007 09 :00 PST Generated on: 8/30/2007 09 :00
All dates and times are shown in Pacific Time (GMT -8:00)
Consolidated
Exchange SPAM Detail Statistics
Data Scope: All
view of filters
Message Blocked by connection filter
10000
and settings
8000
IP Block List
4000 IP Block Providers
6am 6pm
Message Allowed by connection filter
10000
8000 IP Allow List
4000
6am 6pm
Message Blocked by SMTP filter
10000
8000 Sender
Sender ID
4000 Recipient
6am 6pm
Message Distributed by content filter actions
10000 Received
8000
Rejected
Deleted
4000 Quarantined
6am 6pm
SPAM Confidence Level distribution
SCL 0
SCL 1
SCL 2
SCL 3
SCL 4
SCL 5
SCL 6
SCL 7
SCL 8
SCL 9
Unknown
15. Exchange 2010 + Forefront
Better Together Security
Superior anti-spam and anti-virus protection
• Configurable multi-layered filtering agents
• Continuous automatic content updates
• Multi-engine malware for faster, more reliable filtering
Extended encryption capabilities
• Automatic encryption inside and outside the organization
• Broad support for S/MIME and Information Rights Management
Simplified management
• Option of hosted and hybrid AV/AS options for lower TCO
• Manage Exchange and Forefront settings from one console